IDORipper helps detect Insecure Direct Object References (IDOR) and broken authentication vulnerabilities by crawling a target website, sending requests with different authorization headers (original and altered), and comparing the responses.
- Crawls websites using Playwright.
- Extracts all HTTP methods, including GET, POST, and others.
- Detects potential IDOR vulnerabilities.
- Identifies broken authentication issues.
- Supports header manipulation to simulate different users.
- Python 3.x
- requests library
- beautifulsoup4 library
- playwright library
- Clone this repository:

```bash
git clone https://github.com/alvinsenjaya/IDORipper
cd IDORipper
```

- Install the required dependencies:

```bash
pip3 install -r requirements.txt
```

- Ensure Playwright is installed and set up:

```bash
playwright install
```
To start the Advanced Web and API Tester with a target URL and a header:

```bash
python IDORipper.py -u <target_url> -H "<Header1>:<Value1>" -H "<Header2>:<Value2>"
```

If you want to specify a single header:

```bash
python IDORipper.py -u https://example.com -H "User-Agent: MyCustomAgent"
```

For specifying multiple headers:

```bash
python IDORipper.py -u https://example.com -H "User-Agent: MyCustomAgent" -H "Authorization: Bearer <token>"
```

To add altered headers for testing:

```bash
python IDORipper.py -u https://example.com -H "User-Agent: MyCustomAgent" -A "User-Agent: AlteredAgent"
```

For multiple altered headers:

```bash
python IDORipper.py -u https://example.com -H "User-Agent: MyCustomAgent" -H "Authorization: Bearer <token>" -A "User-Agent: AlteredAgent" -A "Authorization: AlteredToken"
```

To limit crawling to a single domain:

```bash
python IDORipper.py -u https://example.com -H "User-Agent: MyCustomAgent" --domain example.com
```

To limit crawling to multiple domains:

```bash
python IDORipper.py -u https://example.com -H "User-Agent: MyCustomAgent" --domain example.com anotherdomain.com
```

You can specify parameters for placeholder replacement in the URL or request body:

```bash
python IDORipper.py -u https://example.com -H "User-Agent: MyCustomAgent" --parameter "user=alice;token=12345"
```

To exclude specific URLs from crawling:

```bash
python IDORipper.py -u https://example.com -H "User-Agent: MyCustomAgent" --exclude "/login" "/signup"
```

To exclude responses containing specific body content (e.g., strings in the response body):

```bash
python IDORipper.py -u https://example.com -H "User-Agent: MyCustomAgent" --exclude-result-with-body "Access Denied" "Forbidden"
```

This option will exclude requests from testing if the response body contains the specified strings.

To set the maximum crawl depth:

```bash
python IDORipper.py -u https://example.com -H "User-Agent: MyCustomAgent" --depth 3
```

To use all parameters for replacing placeholders and testing:

```bash
python IDORipper.py -u https://example.com -H "User-Agent: MyCustomAgent" --parameter "user=alice;token=12345" --domain example.com --depth 3 --exclude "/login" --exclude-result-with-body "Access Denied"
```
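The core of what the tool does (described at the top of this README) is a differential authorization check: request each discovered URL once with the original headers and once with the altered ones, and flag the URL when both responses come back identical, since a correctly enforced authorization boundary should answer the altered request differently. The script below is an added example, not IDORipper's own code, that implements that comparison as an authorization regression test you can run against your own application; it stands up a constructed mock server with one endpoint that enforces its bearer token and one that does not, and also mirrors the `--exclude-result-with-body` behaviour above by skipping URLs whose baseline body contains a given string. Only the standard library is used, so it runs offline; the endpoint paths, token values and the `check_endpoint`/`audit` function names are this example's own choices.

```python
"""Differential authorization check (added example, not IDORipper's code).

Runs a constructed mock app on localhost and audits two endpoints:
  /profile/<id>  enforces the Authorization header (expected: protected)
  /orders/<id>   returns data regardless of the header (expected: vulnerable)
"""
import threading
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed sample credential for the mock application.
VALID_TOKEN = "Bearer token-alice"


class MockApp(BaseHTTPRequestHandler):
    """Minimal application with one correct and one broken authorization check."""

    def do_GET(self):
        auth = self.headers.get("Authorization", "")
        if self.path.startswith("/profile/"):
            # Correct behaviour: reject any request not carrying the expected token.
            if auth != VALID_TOKEN:
                self._send(403, "Forbidden")
                return
            self._send(200, '{"user":"alice","email":"alice@example.test"}')
        elif self.path.startswith("/orders/"):
            # Broken authorization: the token is never inspected, so any caller
            # (or an altered token) receives the same object.
            self._send(200, '{"order":1,"total":42}')
        else:
            self._send(404, "Not found")

    def _send(self, code, body):
        data = body.encode()
        self.send_response(code)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)

    def log_message(self, *args):
        # Keep the demo output limited to the audit verdicts.
        pass


def start_mock_server():
    """Start the mock app on an ephemeral port; returns (server, base_url)."""
    server = HTTPServer(("127.0.0.1", 0), MockApp)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, f"http://127.0.0.1:{server.server_address[1]}"


def fetch(url, headers):
    """GET url with the given headers; returns (status, body) even for 4xx/5xx."""
    req = urllib.request.Request(url, headers=headers)
    try:
        with urllib.request.urlopen(req, timeout=5) as resp:
            return resp.status, resp.read().decode()
    except urllib.error.HTTPError as err:
        return err.code, err.read().decode()


def check_endpoint(url, original_headers, altered_headers, exclude_bodies=()):
    """Verdict for one URL: 'skipped', 'vulnerable' or 'protected'.

    'skipped'    baseline body contains an excluded string (cf. --exclude-result-with-body)
    'vulnerable' altered headers produced the same status and body as the originals
    'protected'  the server answered the altered request differently
    """
    orig_status, orig_body = fetch(url, original_headers)
    if any(marker in orig_body for marker in exclude_bodies):
        return "skipped"
    alt_status, alt_body = fetch(url, altered_headers)
    if alt_status == orig_status and alt_body == orig_body:
        return "vulnerable"
    return "protected"


def audit(base_url, paths, original_headers, altered_headers, exclude_bodies=()):
    """Run check_endpoint over every path; returns {path: verdict}."""
    return {
        path: check_endpoint(base_url + path, original_headers, altered_headers, exclude_bodies)
        for path in paths
    }


if __name__ == "__main__":
    server, base = start_mock_server()
    try:
        verdicts = audit(
            base,
            ["/profile/1", "/orders/1"],
            {"Authorization": VALID_TOKEN},
            {"Authorization": "Bearer altered"},
        )
        for path, verdict in verdicts.items():
            print(f"{path}: {verdict}")
    finally:
        server.shutdown()
```

Comparing the full body byte-for-byte is deliberately strict: a page that embeds a timestamp or CSRF token in every response will differ on each request and read as "protected" even when authorization is missing, which is why tools in this space usually compare status code plus a normalised or similarity-scored body. A practical defensive use is to wire `audit` into CI against a staging deployment with a list of object-bearing routes, so that a route whose verdict flips to "vulnerable" fails the build.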
Contributions are welcome! Feel free to fork the repository and submit a pull request.
This project is licensed under the MIT License. See the LICENSE file for details.